Cisco Cisco FirePOWER Appliance 8130
12-14
FireSIGHT System User Guide
Chapter 12 Using NAT Policies
Managing NAT Policies
•
You can apply two different NAT policies to different devices, even though they are both targets for
multiple policies.
multiple policies.
•
You cannot apply a NAT policy to stacked devices running different versions of the FireSIGHT
System (for example, if an upgrade on one of the devices fails). See
System (for example, if an upgrade on one of the devices fails). See
for more information.
•
You cannot apply a new NAT policy with a policy apply already pending.
•
If you apply a device configuration that affects the interfaces in a NAT policy, the system reapplies
the NAT policy on the device, including the interface changes. However, the policy remains
unchanged on the DC and the interface displays an error icon (
the NAT policy on the device, including the interface changes. However, the policy remains
unchanged on the DC and the interface displays an error icon (
).
Note
Applying an empty NAT policy removes all NAT rules from a device.
See the following sections for more information:
•
explains how to use the quick-apply option to apply
the NAT policy.
•
explains how to select and apply
configurations within the NAT policy.
Applying a Complete NAT Policy
License:
Control
Supported Devices:
Series 3
You can apply a NAT policy at any time. Applying a NAT policy also applies any associated rule
configurations, objects, and policy changes to the devices targeted by the policy. A pop-up window
allows you to apply all changes together as a single quick-apply action.
configurations, objects, and policy changes to the devices targeted by the policy. A pop-up window
allows you to apply all changes together as a single quick-apply action.
To quick-apply a complete NAT policy:
Access:
Admin/Network Admin
Step 1
Select
Devices > NAT
.
The NAT page appears.
Step 2
Click the apply icon (
) next to the policy you want to apply.
The Apply NAT Rules pop-up window appears.
Alternatively, you can click
Save and Apply
on the policy Edit page; see
.
Step 3
Click
Apply All
.
Your policy apply task is queued. Click
OK
to return to the NAT page.
Tip
You can monitor the progress of the policy apply task on the Task Status page (
System > Monitoring > Task
Status
).